Sponsored White Papers, Webcasts, and Downloads
TechRepublic Resources
- Behavior-based AV solutions cannot stand alone
- Someday, behavior analysis might replace signature comparison in AV solutions. But I don't think so. Like all security controls, these two approaches to detecting malware are layered defenses, supporting each other, identifying threats the other misses. by Tom Olzak
- Tags: Malware, Behavior Analysis, Signature Comparison, Spyware, Adware & Malware, Cyberthreats, Viruses And Worms, Security, Tom Olzak
- Blog posts 2008-08-06
- Five steps to protect mobile devices anywhere, anytime
- It should not take warnings about Chinese hackers to push users and organizations toward secure mobile computing. Cybercriminals come in all shapes, sizes, and from all ethnic backgrounds. Securing systems is simply the right thing to do. by Tom Olzak
- Tags: Mobile, Network, Mobile Device, Encryption, Laptop Computer, Notebooks, Advertising & Promotion, Security, Hardware, Notebooks & Tablets, Marketing, Tom Olzak
- Blog posts 2008-08-04
- Write information owner responsibility into policy
- The information owner is a key player in protecting sensitive data and systems. His or her role must be clearly defined in policies. However, security personnel should review information owner decisions to ensure regulatory and policy compliance. by Tom Olzak
- Tags: Policy, Information Owner, Cresson Wood, Outsourcing, Security, It Operations, Business Operations, Outsourcing & Subcontracting, Tom Olzak
- Blog posts 2008-07-30
- Five ways to show business value of M-F authentication
- There's more to selecting an enterprise second-factor authentication method than meets the retina scanner. As with any IT project, each dollar spent must produce business value. With M-F authentication, this translates to value beyond simply verifying an employee's identity. by Tom Olzak
- Tags: Solution, Health Care, Enrollment, Authentication, M-F, Security, Tom Olzak
- Blog posts 2008-07-28
- The security control nobody used...
- Not every security control is successful, particularly those not transparent to business users. This is the story of a failed attempt to encrypt email and the lessons learned. by Tom Olzak
- Tags: Message, Security, Team, Security Control, E-mail, Team Management, Online Communications, Management, Tom Olzak
- Blog posts 2008-07-23
- Strong password management for the mobile user
- Truly strong passwords are necessary to protect our information, but they can be a pain to generate, manage, and access globally. There are free online tools that can help meet these challenges. by Tom Olzak
- Tags: Password, Mobile, Information, Strong Password, Xecrets Using Strong Password, Title Information, Tom Olzak
- Blog posts 2008-07-21
- Does IT security really need more whistle-blowers?
- The fact you disagree with management's interpretation of risk, and the security controls they refuse to implement, does not necessarily constitute corporate negligence. Weigh your options carefully if you're inclined to report your boss to an outside agency. by Tom Olzak
- Tags: IT Security, Financial, Information Technology, Professional Development, Financial Accounting, Security, Career, Finance, Tom Olzak
- Blog posts 2008-07-16
- Security Tools: Sun's VirtualBox
- Using Sun Microsystems' VirtualBox, Linux security tools and threat testing can be executed on a Windows platform. And the cost is right. VirtualBox is an open-source solution. by Tom Olzak
- Tags: Innotek VirtualBox, Ubuntu, Sun Microsystems Inc., Window, Tool, Security Tool, Desktop Virtualization, Linux, Open Source, Operating Systems, Software, Tom Olzak
- Blog posts 2008-07-14
- Employees want to do the right thing... so help them
- Your employees want to do the right thing, but their humanity often gets in the way. Technical safeguards can help them, and your network, stay safe. by Tom Olzak
- Tags: Employee, Security, Tom Olzak
- Blog posts 2008-07-08
- Forensics: Text messaging privacy
- A recent U.S. Federal court ruling seems to prohibit employer access to employee text message content. But that's not entirely true. by Tom Olzak
- Tags: Employee, Privacy, Text Messaging, Business Services, Groupware, Telecom & Utilities, Security, Enterprise Software, Software, Tom Olzak
- Blog posts 2008-07-07
- Security Management Tip: Inspect what you expect
- Never assume your security team is focused on the same things you are. Take every opportunity to ensure they are following the path you laid out. If not, course correct, course correct, course correct... by Tom Olzak
- Tags: Team, Security Management, Security, Tom Olzak
- Blog posts 2008-07-02
- Ethics vs. Whitewash
- Security doesn't happen by wishful thinking. It takes hard work, commitment, and management support. Doing the right thing isn't always easy, but we should expect it from those to whom we entrust our information. by Tom Olzak
- Tags: Ethics, Security, Tom Olzak
- Blog posts 2008-06-30
- Free security tools: Secunia Personal Software Inspector
- Making sure applications in new or existing endpoint system images are free from unpatched vulnerabilities is not an easy task. Secunia provides a free utility to help identify and quickly remediate out-of-date or EOL programs. by Tom Olzak
- Tags: Software, Application, Adobe Acrobat, Image, Tool, Secunia, Security Tool, Personal Software Inspector, Security, Tom Olzak
- Blog posts 2008-06-25
- Managing risk with After Action Reviews
- Responding to security incidents, whether they are malicious or accidental, requires a final step that many organizations neglect. An After Action Plan AAR helps to reduce the probability of a recurrence and improve response activities. Tom Olzak shows you how to execute a standard AAR. by Tom Olzak
- Tags: Action Plan, Team, AAR, Team Management, Management, Tom Olzak
- Blog posts 2008-06-24
- Deal responsibly with identity data breaches
- Most security managers are aware of some form of the 5 steps for handling an incident: prevent, detect, contain, eradicate, and recover. These steps are usually sufficient for those incidents in which Personally Identifiable Information PII or electronic Protected Health Information ePHI isn't compromised. However, a breach of individual identity...
- Tags: Security, Medical Identity Theft, Leadership, IT Management, Identity Theft, data theft, Cybercrime, Computer Crime, Compliance
- Blog posts 2007-06-21
- FBI rounds up bot-herders, national security at stake
- During the May 2007 Anti-Phishing Working Group Counter eCrime summit in San Francisco, researcher Joe St. Sauver spoke about the need for a government agency to step up and help in the war against consumer computer compromise. He stated that consumers aren't capable of taking the steps necessary to prevent...
- Tags: Viruses, Virus, Leadership, Internet, Security, Attack mitigation, Computer Crime, Computer Forensics, Cybercrime, Cyberwarfare
- Blog posts 2007-06-18
- Data owners are not always the final word in data protection
- Data owners are responsible for determining who accesses sensitive information as well as the level of access (i.e. read, write, etc.), but at what point should data owner approval be checked by the security team? In other words, when is it appropriate for Security to deny a data owner approved...
- Tags: Risk Management, Leadership, Security Solutions, Security, Compliance
- Blog posts 2007-06-14
- Use the revised OWASP Top Ten to secure your Web applications -- Part 8
- This blog entry is also available as a TechRepublic download in PDF form.In this final installment in the revised Open Web Application Security Project OWASP Top 10 series, the final three vulnerabilities are explored -- insecure cryptographic storage, insecure communications, and failure to restrict URL access. The final three vulnerabilities...
- Tags: Software Development, Programming, Security, Application Development
- Blog posts 2007-06-13
- Consumers 0, Cybercriminals 1: the public disclosure debate
- It's become great sportâ€"and often profitableâ€"to identify vulnerabilities in applications, operating systems, and LAN/WAN device controlling software. These activities are not in themselves a problem. It's the efforts of white hat hackers that help vendors tighten up product security and increase user awareness of high risk environments or actions. But...
- Tags: Security, Attack mitigation, Cybercrime, Computer Crime, patching, vulnerability, Threats, Hacking, Antivirus Research
- Blog posts 2007-06-11
- The growing threat of cyberwarfare
- Recent events have shown that certain nations are ready and willing to use cyberwarfare to push national agendas. What does this mean to nations, and businesses, that rely on the Internet for their economy or defense?Estonia appears to be the first nation to become the target for governmentally sponsored cyberwarfare. ...
- Tags: Threats, Security, Leadership, Government, Cyberwarfare
- Blog posts 2007-06-07